diff options
Diffstat (limited to 'net/bluetooth/hci_conn.c')
| -rw-r--r-- | net/bluetooth/hci_conn.c | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c index 8671bc79a35b..a7a27bc2c0b1 100644 --- a/net/bluetooth/hci_conn.c +++ b/net/bluetooth/hci_conn.c | |||
| @@ -289,10 +289,20 @@ static void hci_conn_timeout(struct work_struct *work) | |||
| 289 | { | 289 | { |
| 290 | struct hci_conn *conn = container_of(work, struct hci_conn, | 290 | struct hci_conn *conn = container_of(work, struct hci_conn, |
| 291 | disc_work.work); | 291 | disc_work.work); |
| 292 | int refcnt = atomic_read(&conn->refcnt); | ||
| 292 | 293 | ||
| 293 | BT_DBG("hcon %p state %s", conn, state_to_string(conn->state)); | 294 | BT_DBG("hcon %p state %s", conn, state_to_string(conn->state)); |
| 294 | 295 | ||
| 295 | if (atomic_read(&conn->refcnt)) | 296 | WARN_ON(refcnt < 0); |
| 297 | |||
| 298 | /* FIXME: It was observed that in pairing failed scenario, refcnt | ||
| 299 | * drops below 0. Probably this is because l2cap_conn_del calls | ||
| 300 | * l2cap_chan_del for each channel, and inside l2cap_chan_del conn is | ||
| 301 | * dropped. After that loop hci_chan_del is called which also drops | ||
| 302 | * conn. For now make sure that ACL is alive if refcnt is higher then 0, | ||
| 303 | * otherwise drop it. | ||
| 304 | */ | ||
| 305 | if (refcnt > 0) | ||
| 296 | return; | 306 | return; |
| 297 | 307 | ||
| 298 | switch (conn->state) { | 308 | switch (conn->state) { |
| @@ -610,11 +620,6 @@ static void hci_req_add_le_create_conn(struct hci_request *req, | |||
| 610 | if (hci_update_random_address(req, false, &own_addr_type)) | 620 | if (hci_update_random_address(req, false, &own_addr_type)) |
| 611 | return; | 621 | return; |
| 612 | 622 | ||
| 613 | /* Save the address type used for this connnection attempt so we able | ||
| 614 | * to retrieve this information if we need it. | ||
| 615 | */ | ||
| 616 | conn->src_type = own_addr_type; | ||
| 617 | |||
| 618 | cp.scan_interval = cpu_to_le16(hdev->le_scan_interval); | 623 | cp.scan_interval = cpu_to_le16(hdev->le_scan_interval); |
| 619 | cp.scan_window = cpu_to_le16(hdev->le_scan_window); | 624 | cp.scan_window = cpu_to_le16(hdev->le_scan_window); |
| 620 | bacpy(&cp.peer_addr, &conn->dst); | 625 | bacpy(&cp.peer_addr, &conn->dst); |
| @@ -894,7 +899,7 @@ static int hci_conn_auth(struct hci_conn *conn, __u8 sec_level, __u8 auth_type) | |||
| 894 | /* If we're already encrypted set the REAUTH_PEND flag, | 899 | /* If we're already encrypted set the REAUTH_PEND flag, |
| 895 | * otherwise set the ENCRYPT_PEND. | 900 | * otherwise set the ENCRYPT_PEND. |
| 896 | */ | 901 | */ |
| 897 | if (conn->key_type != 0xff) | 902 | if (conn->link_mode & HCI_LM_ENCRYPT) |
| 898 | set_bit(HCI_CONN_REAUTH_PEND, &conn->flags); | 903 | set_bit(HCI_CONN_REAUTH_PEND, &conn->flags); |
| 899 | else | 904 | else |
| 900 | set_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags); | 905 | set_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags); |